The Black Hat security conference kicked off yesterday in Las Vegas, and one researcher has demonstrated an NFC exploit that affects Android and certain Nokia phones. Charlie Miller showed how NFC is typically enabled by default on most Android phones, and by getting close enough to the device it could be redirected automatically to malicious websites. In addition, he was able to send malware over to the device that exploits the browser, allowing the attacker to read cookie data, view web history, and even hijack the phone.
Read The Full Story
- Lenovo ThinkPad Helix unboxing and first impressions
- Qualcomm Snapdragon 800 series developer platform hands-on
- Huawei Ascend P6 hands-on (Just don’t ask about Beauty Shot)
- SlashGear 101: PRISM, FISA, and the modern NSA
- Mad Catz Project M.O.J.O. hands-on
- iOS 7 and the rebirth of iPhone
- NVIDIA SHIELD as mini game console: hands-on with Nyko PlayPad Pro
‘hacks’ Stories
Android and Nokia NFC exploits detailed at Black Hat
Latest ATM skimmers get thinner
ATM skimmers lift credit and debit card information by attaching to the card slot on the machine, although such modifications have typically been spotted quickly due to their bulky and obvious nature. Over the years, skimmers have become increasingly hard to detect, resulting in mass fraud until the banks fix the affected ATM. The latest generation of ATM skimmers are said to be so thin that they can be inserted directly into a card slot without arousing suspicion.
Read The Full Story
Global spam falls by 18% as Grum botnet is knocked offline
There are dedicated botnets out there in the wide world that exist solely for the purpose of distributing spam. Grub, the third largest botnet in the world, was finally taken offline by security experts yesterday, resulting in a dramatic 18% reduction of global spam. Grum’s servers, which were based in Russia, Panama, and the Netherlands, controled around 100,000 PCs. The two botnets that take first and second place, Cutwail and Lethic, are still active.
Read The Full Story
Anonymous and WikiLeaks relationship detailed
The strange nature of the relationship between Anonymous and WikiLeaks has been detailed in a report from International Business Times. Members of the group spoke to IBTimes following a Twitter row over the leaked emails from Syria, with one individual saying the relationship between the two entities is “complex.” As it turns out, there’s crossover between both groups, with some individuals working on both sides to gather and expose information.
Read The Full Story
Russian developer circumvents iOS in-app purchase system [UPDATE: Apple responds]
It wasn’t long after the introduction of the App Store on iOS before a separate app store for hacked apps appeared. Now it looks like the in-app purchasing system may have been circumvented without requiring a jailbreak. A Russian developer has created two certificates that can be installed on an iOS device that tricks apps into believing in-app purchases have been made, all without contacting Apple’s servers.
Read The Full Story
Billabong, NVIDIA, and Android Forums all affected by hacks
Yesterday Yahoo! suffered a major security breach as it saw over 400,000 passwords leak out. The group responsible for the hack claimed it was to expose the shoddy security methods employed by the company, and wasn’t intended as a malicious attack. It looks like Yahoo! wasn’t the only victim, as several other companies have had their databases exposed and pasted onto the internet due to similar security lapses.
Read The Full Story
New Android malware spreads via hacked websites
Android is being plagued by malware once again. The security firm Lookout has warned users about a new Android trojan that spreads itself via compromised websites. The trojan can potentially break into government and corporate networks if left unchecked. Right now the trojan seems fairly innocuous, posing as a software update to the user and residing on the system once installed.
Read The Full Story
Anonymous China hacks government websites in protest
Looks like those hacktivists are at it again. Anonymous has defaced even more websites, although the legion of hackers seems to be branching out, with this attack being perpetrated by Chinese Anonymous members. Hundreds of Chinese government websites have been defaced in the usual spectacular fashion. Dumps full of emails and phone numbers have also hit the internet via Pastebin, as well as instructions by the group on how to bypass the Great Firewall of China.
Read The Full Story
Anonymous pledges weekly attacks on Friday
We're all used to celebrating Fridays as the end of the work or school week, giving us a chance to relax and unwind, and creating excuses so we don't have to wake up early on Saturday. But for another group of people, Fridays will become a bit more serious. Infamous hacking group Anonymous has decided to commit to at least of hack every week, and it will happen on Fridays.
Read The Full Story
Anonymous Disowns Operation Facebook, Attack Talks Continue
It appears very likely now that the original call to action for what was (and still possibly is) called “Operation Facebook” is now being disowned by a large number of members of the famous hacker group. If you’ll take a look at the monstrously popular Anonymous Vows Facebook Destruction post from late night Tuesday, you’ll find the original release as created by a very real member of the collective, but this newest set of information confirms that the entirety of the Anonymous collective may not agree with the proposed action.
Codemasters Hacked, User Info Compromised
If you're a fan of British video game developing, you know exactly what Codemasters is. This is The Codemasters Software Company Limited, aka one of the oldest video game developer companies in the world, having in the last 10 years established themselves in the USA as well with games such as DiRT3. In an email to customers today, Codemasters have noted that they've had an unauthorized entry into their codemasters.com webpage that has subsequently made the company have to take the entire site offline. Though they did so in order to stop the intruders from accessing information from user accounts specifically, these hackers have done so anyway.
Read The Full Story
LastPass CEO details data breach: “maybe too alarmist”
LastPass has further detailed the security breach which saw the password management company lose customer information and advise all customers to change their master password, as well as attempting to remedy issues some users had in doing so. Speaking to PCWorld, LastPass CEO Joe Siegrist confirmed that the names and passwords of up to "a couple hundred" users could have been taken, as well as their encrypted passwords; however, he also suggested that the company was "maybe too alarmist ourselves" and that the potential for misuse after the data breach was in fact low.
Read The Full Story
REVIEWS
- POPULAR STORIES THIS WEEK
- Xbox One E3 demos were played on Windows gaming PCs
- Apple's Mac Pro 2013 and the Form vs. Function War
- Galaxy S4 Zoom vs Galaxy Camera vs iPhone 5 vs Nokia 808 hardware photos leak
- Samsung Galaxy Tab 3 8.0 leaked again in black as Note 8.0 companion
- iOS 7 device compatibility chart unveils iPad aesthetics
- Plants vs. Zombies: Garden Warfare coming spring 2014
- Nokia Lumia 925 Review
- Huawei Ascend P6 vs iPhone 5: do similarities go just skin deep?
- RECENT COMMENTS
